Hash length extension attacks allow an attacker to construct the `H(secret|message|append)`
given only `H(secret|message)` and the length of `secret|message`.
The attack uses the output hash to reconstruct the internal state of the hash function.
From there, it is trivial to feed the hash function the data to be appended and output the new hash.

How this works?
We continue hasing for we "left" by setting hash internal state:
SHA512_CTX.h[] for SHA and MD5_CTX.a, MD5_CTX.b, MD5_CTX.c, MD5_CTX.d for MD5
The data to be append is standard padding of the hash algorithms!
Plus of course the message to be append!

Missing dlls (OpenSLL), should be placed on hexpand.exe location:
https://www107.zippyshare.com/v/3Wm5yfYB/file.html